Site for generating certificate: https://help.ubuntu.com/6.06/ubuntu/serverguide/C/httpd.html
SSL certificates: prove ID of the server; vouched for by CA (certificate authority); SSL is replaced by TLS-a newer improved protocol. SSL uses public key encryption to transfer key, then use that key for symmetric encryption.
Certificate also contain public key for the server. It use it for checking if verify by the CA.
how to:
sudo openssl req -x509 -nodes -days 90 -newkey rsa:1024 -keyout testcert.pem
testcert.pem: name of keyout put
country name: US, state: HI, locality: honolulu, organization: KCC, unit name: its344, common name (your servername: have to match in apache config file IMPORTANT): www.its344.edu (will be different depend), email address: nguyentd@hawaii.edu. There is your certififate: Need to add exception in order to work. Just self-sign
FOR THOSE WHOSE WITHOUT DNS SERVER:
cd /etc, more hosts, there is: www1.its344.edu, paste that in firefox, it will map to the ip address.
No comments:
Post a Comment